Thursday

13th May 2021

Irish court orders probe into Facebook privacy case

Ireland's high court on Tuesday (20 October) ordered a privacy abuse probe into Facebook.

The court decision means that Ireland's privacy watchdog will have to launch an investigation on whether to suspend the transfer of European Facebook users' data to the United States.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

  • Facebook has its main data servers in the United States (Photo: Tom Raftery)

"The commissioner is obliged now to investigate the complaint … and I've absolutely no doubt that she will proceed to do so", said Ireland's high court judge, Gerard Hogan.

Facebook has its international headquarters in Dublin.

Ireland's data protection commissioner had initially opposed the probe because the social media giant is covered by a so-called Safe Harbour agreement between the US and the EU.

Safe Harbour is an executive decision by the European Commission, which determined in 2000 that the US provides an adequate level of protection of EU nationals' data.

Several thousand other US-based companies, including Google and Apple, are also listed in the self-certification scheme.

But the European Court of Justice earlier this month declared the agreement invalid following a legal battle by Austrian privacy campaigner Max Schrems.

Schrems had argued that Facebook could not protect his data because the US National Security Agency (NSA) uses covert software to hoover it up, according to revelations from whistleblower Edward Snowden.

Schrems also remains sceptical that Ireland's data protection commissioner, Helen Dixon, will pursue the investigation with any zeal.

"Given my experience, I doubt that what is today mainly a 'tech business protection authority' will wake up tomorrow and turn into real 'data protection authority' - but I guess we'll see soon", he said.

But Dixon, in a statement on Tuesday, said she would comply with judge Hogan's ruling.

"My office will now proceed to investigate the substance of the complaint with all due diligence", she said.

The move signals the start of the first investigation by a European data authority into how the NSA accessed personal data of EU nationals held by a US company.

The European Commission had also highlighted access concerns.

In a 2013 review on Safe Harbour, the Commission said that US authorities may have accessed transferred personal data and processed it in ways that was "beyond what was strictly necessary and proportionate to the protection of national security".

Facebook, for its part, denies giving the US spy agency any back-door access to its data servers.

"Facebook is not and has never been part of any program to give the US government direct access to our servers", said a spokesperson.

The company said it would "respond to enquiries from the Irish Data Protection Commission as they examine the protections for the transfer of personal data under applicable law".

Facebook can still transfer data from Europe to the United States despite an invalidated Safe Harbour.

The company, along with others under the agreement, is using other legal structures to transfer the information.

But some legal experts say the alternative transfer methods, including so-called model contract clauses, will not offer much protection either.

Facebook censors Norway's PM

The US company is accused of censorship after it deleted an iconic Vietnam War photo and removed criticism it received over the decision. Norway's prime minister was not spared.

News in Brief

  1. No EUobserver newsletter on Friday 14 May
  2. Germany stops Facebook gathering WhatsApp data
  3. Italy rebuts reports of EU deal with Libya
  4. MEPs demand EU states protect women's reproductive rights
  5. At least nine dead in Russia school shooting
  6. Bulgaria interim government appointed until July election
  7. German priests defy pope to bless same-sex couples
  8. New EU public prosecutor faults Slovenia

Are EU data watchdogs staffed for GDPR?

The success of the new general data protection regulation (GDPR) will depend on whether data protection authorities enforce the new rules - which, in turn, will be at least partly determined by how many people they employ.

Eight countries to miss EU data protection deadline

The EU starts enforcing its general data protection regulation on 25 May - but Belgium, Bulgaria, Cyprus, Czech Republic, Greece, Hungary, Lithuania and Slovenia won't be ready. The delay will cause legal uncertainty.

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic Council enters into formal relations with European Parliament
  2. Nordic Council of MinistersWomen more active in violent extremist circles than first assumed
  3. Nordic Council of MinistersDigitalisation can help us pick up the green pace
  4. Nordic Council of MinistersCOVID19 is a wake-up call in the fight against antibiotic resistance
  5. Nordic Council of MinistersThe Nordic Region can and should play a leading role in Europe’s digital development
  6. Nordic Council of MinistersNordic Council to host EU webinars on energy, digitalisation and antibiotic resistance

Latest News

  1. EU aims at 'zero pollution' in air, water and soil by 2050
  2. French police arrest Luxembourg former top spy
  3. Vaccine drives spur better-than-expected EU economic recovery
  4. Slovenia causing headaches for new EU anti-graft office
  5. 'No place to hide' in Gaza, as fighting escalates
  6. EU chases 90m AstraZeneca vaccines in fresh legal battle
  7. Fidesz MEP oversees FOI appeals on disgraced Fidesz MEP
  8. Belgium outlines summer Covid relaxation plans

Join EUobserver

Support quality EU news

Join us